<?php

namespace App\Http\Middleware;

use App\Lib\Code;
use App\Services\ApiResponseService;
use Closure;
use Illuminate\Support\Facades\Auth;

class TradePwdVerify
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if ( ! $request->has('trade_pwd')) {
            return ApiResponseService::showError(Code::TRADE_PWD_INVALID);
        }
        $trade_pwd = $request->input('trade_pwd');
        $user = Auth::user();
        if ( ! password_verify($trade_pwd, $user->trade_pwd)) {
            return ApiResponseService::showError(Code::TRADE_PWD_INVALID);
        }
        return $next($request);
    }
}
